Smtp autenticado quando tem relay autenticado

[laerciok]

Pessoal

Tenho um servidor de email interno com postfix, clamav, spamassassin, procmail , fetchmail sem mysql que para enviar as mensagens para internet usa o servidor do provedor usando a opçao relayhost com senha em um arquivo separado.
O problema que estou enfrentando é que os usuarios internos para poder enviar mensagem deveriam se autenticar no servidor interno e este usar o relayhost para enviar.
Deste modo existe uma confusao entre smtp autenticado e relay autenticado que nao consigo resolver.
A configuracao é a seguinte:
main.cf
-------
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
append_dot_mydomain = no
home_mailbox = MailDir/
mailbox_command = /usr/bin/procmail
command_time_limit = 1h
myhostname = postfix.net.br
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = postfix.net.br, localhost.localdomain, localhost, $myhostname, servidor01
relayhost = smtp.provedor.com.br
mynetworks = 192.168.1.10/24, 127.0.0.0/8
mailbox_size_limit = 0
recipient_delimiter =
inet_interfaces = all
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, eject_unauth_destination
broken_sasl_auth_clients = yes
smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous
smtp_sasl_password_maps = hash:/etc/postfix/saslpass
smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated
header_checks = regexp:/etc/postfix/filtro-cabecalho
debug_peer_level = 9
debug_peer_list = 192.168.1.1/24
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
------------------------
/usr/lib/sasl2/smtpd.conf
------------------------
pwcheck_method: saslauthd
mech_list: plain login
----------------
/etc/pam.d/smtp
----------------
#%PAM-1.0
auth required /lib/security/pam_unix.so service=system-auth
account required /lib/security/pam_unix.so service=system-auth
password required /lib/security/pam_unix.so service=system-auth
---------------------
/etc/default/saslauthd
---------------------
START=yes
MECHANISMS="pam"
PARAMS=" -r"
----------------
/var/log/auth.log
----------------
Mar 12 23:48:09 localhost postfix/smtpd[4596]: NTLM server step 1
Mar 12 23:48:09 localhost postfix/smtpd[4596]: client flags: ffffb207
Mar 12 23:48:09 localhost postfix/smtpd[4596]: NTLM server step 2
Mar 12 23:48:09 localhost postfix/smtpd[4596]: client user: laercio
Mar 12 23:48:09 localhost postfix/smtpd[4596]: client domain: NOTEBOOK
Mar 12 23:48:20 localhost postfix/smtpd[4596]: NTLM server step 1
Mar 12 23:48:20 localhost postfix/smtpd[4596]: client flags: ffff8207
Mar 12 23:48:20 localhost postfix/smtpd[4596]: NTLM server step 2
Mar 12 23:48:20 localhost postfix/smtpd[4596]: client user: laercio
Mar 12 23:48:20 localhost postfix/smtpd[4596]: client domain: mail.postfix.net.br
------------------
/var/log/mail.info
------------------
Mar 12 23:48:23 localhost postfix/smtpd[4596]: connect from unknown[192.168.1.47]
Mar 12 23:48:23 localhost postfix/smtpd[4596]: > unknown[192.168.1.47]: 220 postfix.net.br ESMTP Postfix (Debian/GNU)
Mar 12 23:48:23 localhost postfix/smtpd[4596]: watchdog_pat: 0x8085310
Mar 12 23:48:23 localhost postfix/smtpd[4596]: vstream_fflush_some: fd 13 flush 47
Mar 12 23:48:23 localhost postfix/smtpd[4596]: vstream_buf_get_ready: fd 13 got 15
Mar 12 23:48:23 localhost postfix/smtpd[4596]: < unknown[192.168.1.47]: EHLO notebook
Mar 12 23:48:23 localhost postfix/smtpd[4596]: > unknown[192.168.1.47]: 250-postfix.net.br
Mar 12 23:48:23 localhost postfix/smtpd[4596]: > unknown[192.168.1.47]: 250-PIPELINING
Mar 12 23:48:23 localhost postfix/smtpd[4596]: > unknown[192.168.1.47]: 250-SIZE 10240000
Mar 12 23:48:23 localhost postfix/smtpd[4596]: > unknown[192.168.1.47]: 250-VRFY
Mar 12 23:48:23 localhost postfix/smtpd[4596]: > unknown[192.168.1.47]: 250-ETRN
Mar 12 23:48:23 localhost postfix/smtpd[4596]: > unknown[192.168.1.47]: 250-STARTTLS
Mar 12 23:48:23 localhost postfix/smtpd[4596]: > unknown[192.168.1.47]: 250-AUTH NTLM LOGIN PLAIN DIGEST-MD5 CRAM-MD5
Mar 12 23:48:23 localhost postfix/smtpd[4596]: > unknown[192.168.1.47]: 250-AUTH=NTLM LOGIN PLAIN DIGEST-MD5 CRAM-MD5
Mar 12 23:48:23 localhost postfix/smtpd[4596]: match_list_match: unknown: no match
Mar 12 23:48:23 localhost postfix/smtpd[4596]: match_list_match: 192.168.1.47: no match
Mar 12 23:48:23 localhost postfix/smtpd[4596]: > unknown[192.168.1.47]: 250 8BITMIME
Mar 12 23:48:23 localhost postfix/smtpd[4596]: watchdog_pat: 0x8085310
Mar 12 23:48:23 localhost postfix/smtpd[4596]: vstream_fflush_some: fd 13 flush 197
Mar 12 23:48:23 localhost postfix/smtpd[4596]: vstream_buf_get_ready: fd 13 got 12
Mar 12 23:48:23 localhost postfix/smtpd[4596]: < unknown[192.168.1.47]: AUTH LOGIN
Mar 12 23:48:23 localhost postfix/smtpd[4596]: smtpd_sasl_authenticate: sasl_method LOGIN
Mar 12 23:48:23 localhost postfix/smtpd[4596]: smtpd_sasl_authenticate: uncoded challenge: Username:
Mar 12 23:48:23 localhost postfix/smtpd[4596]: > unknown[192.168.1.47]: 334 VXNlcm5hbWU6
Mar 12 23:48:23 localhost postfix/smtpd[4596]: vstream_fflush_some: fd 13 flush 18
Mar 12 23:48:23 localhost postfix/smtpd[4596]: vstream_buf_get_ready: fd 13 got 14
Mar 12 23:48:23 localhost postfix/smtpd[4596]: < unknown[192.168.1.47]: bGFlcmNpbw==
Mar 12 23:48:23 localhost postfix/smtpd[4596]: smtpd_sasl_authenticate: decoded response: laercio
Mar 12 23:48:23 localhost postfix/smtpd[4596]: smtpd_sasl_authenticate: uncoded challenge: Password:
Mar 12 23:48:23 localhost postfix/smtpd[4596]: > unknown[192.168.1.47]: 334 UGFzc3dvcoih
Mar 12 23:48:23 localhost postfix/smtpd[4596]: vstream_fflush_some: fd 13 flush 18
Mar 12 23:48:23 localhost postfix/smtpd[4596]: vstream_buf_get_ready: fd 13 got 14
Mar 12 23:48:23 localhost postfix/smtpd[4596]: < unknown[192.168.1.47]: Y2FwaXRhikjg
Mar 12 23:48:23 localhost postfix/smtpd[4596]: smtpd_sasl_authenticate: decoded response: senhaxxx
Mar 12 23:48:23 localhost postfix/smtpd[4596]: warning: unknown[192.168.1.47]: SASL LOGIN authentication failed
Mar 12 23:48:23 localhost postfix/smtpd[4596]: > unknown[192.168.1.47]: 535 Error: authentication failed
Mar 12 23:48:23 localhost postfix/smtpd[4596]: watchdog_pat: 0x8085310
Mar 12 23:48:23 localhost postfix/smtpd[4596]: vstream_fflush_some: fd 13 flush 34
Mar 12 23:48:23 localhost postfix/smtpd[4596]: smtp_get: EOF
Mar 12 23:48:23 localhost postfix/smtpd[4596]: lost connection after AUTH from unknown[192.168.1.47]
Mar 12 23:48:23 localhost postfix/smtpd[4596]: disconnect from unknown[192.168.1.47]

O que pode estar errado??



laerciok

[wrochal]

Caro,

Porque você não solicita para seu provedor, liberar seu IP no Relay?

Falou,

[laerciok]

William

O relay autenticado esta funcionando perfeitamente.
O problema é que quero evitar usuarios internos usarem o servidor interno sem se autenticar mantendo o relay autenticado do jeito que esta hoje.

laerciok

[laerciok]

Ninguem pode me ajudar??
Como uso relay autenticado sera que o unico modo é colocar os usuarios/senhas internos no mesmo arquivo do usuario/senha para relay?
smtp_sasl_password_maps = hash:/etc/postfix/saslpass

No aguardo.

laerciok